First published: Mon Aug 05 2024(Updated: )
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Android | ||
All of | ||
Qualcomm WSA8845 Firmware | ||
Qualcomm WSA8845H Firmware | ||
All of | ||
Qualcomm WSA8845H | ||
Qualcomm WSA8845 Firmware | ||
All of | ||
Qualcomm WSA8840 Firmware | ||
Qualcomm WSA8840 Firmware | ||
All of | ||
Qualcomm WCD9395 Firmware | ||
Qualcomm WCD9395 Firmware | ||
All of | ||
Qualcomm WCD9390 Firmware | ||
Qualcomm WCD9390 Firmware | ||
All of | ||
Qualcomm WCD9340 Firmware | ||
Qualcomm WCD9340 Firmware | ||
All of | ||
Qualcomm Snapdragon X75 5G Modem-RF System Firmware | ||
Qualcomm Snapdragon X75 5G Modem-RF | ||
All of | ||
Qualcomm Snapdragon X72 5G-RF System Firmware | ||
Qualcomm Snapdragon X72 5G Modem-RF | ||
All of | ||
Qualcomm Snapdragon X35 5G-RF System Firmware | ||
Qualcomm Snapdragon X35 5G-RF System | ||
All of | ||
Qualcomm Snapdragon Auto 5G-RF Gen 2 Firmware | ||
Qualcomm Snapdragon Auto 5G Modem-RF | ||
All of | ||
Qualcomm Snapdragon 8 Gen 3 Mobile Firmware | ||
Qualcomm Snapdragon 8 Gen 3 Mobile Platform | ||
All of | ||
Qualcomm QFW7124 | ||
Qualcomm QFW7124 | ||
All of | ||
Qualcomm QFW7114 Firmware | ||
Qualcomm QFW7114 Firmware | ||
All of | ||
Qualcomm QEP8111 Firmware | ||
Qualcomm QEP8111 Firmware | ||
All of | ||
Qualcomm QCN6274 Firmware | ||
Qualcomm QCN6274 Firmware | ||
All of | ||
Qualcomm QCN6224 Firmware | ||
Qualcomm QCN6224 Firmware | ||
All of | ||
Qualcomm QCC710 | ||
Qualcomm QCC710 | ||
All of | ||
Qualcomm QCA8337 Firmware | ||
Qualcomm QCA8337 Firmware | ||
All of | ||
Qualcomm QCA8081 firmware | ||
Qualcomm QCA8081 firmware | ||
All of | ||
Qualcomm QCA6698AQ | ||
Qualcomm QCA6698AQ Firmware | ||
All of | ||
Qualcomm QCA6584AU Firmware | ||
Qualcomm QCA6584AU firmware | ||
All of | ||
Qualcomm QCA6174A Firmware | ||
Qualcomm QCA6174A Firmware | ||
All of | ||
Qualcomm FastConnect 7800 Firmware | ||
Qualcomm Fastconnect 7800 Firmware | ||
All of | ||
Qualcomm FastConnect 6900 Firmware | ||
Qualcomm Fastconnect 6900 Firmware | ||
All of | ||
Qualcomm AR8035 Firmware | ||
Qualcomm AR8035 Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-23350 is classified as a Permanent Denial of Service (DOS) vulnerability.
To address CVE-2024-23350, ensure updating to the latest firmware versions provided by Qualcomm or Google that include patches for this vulnerability.
CVE-2024-23350 affects various Qualcomm firmware products including WSA8845, WSA8840, WCD9395, and Android systems.
CVE-2024-23350 can be exploited through malicious payloads sent via DL NAS transport.
As of now, there have been reports of exploitation of CVE-2024-23350, resulting in active attacks leveraging this vulnerability.